Iapain wrote:
>I want to know what's the best way to save passwords in SQL server using C#?
Use System.Security.Cryptography and convert password into hashes use
SHA1/MD5
Note that hashing algorithms are by nature one-way, meaning there isn't
a way to "unhash" something into a password again if you need to
retrieve it. Storing hashes is generally better, but it will mean that
should you ever actually need/want to see the password, you will be
unable to do so (easily, see below).
It used to be that hashes were viewed as offering more security in the
event of a system compromise but that's not necessarily true anymore
with the advent of Rainbow Tables and cheap disk space.
Chris.